EulerOS 2.0 SP3 : qt (EulerOS-SA-2020-2136)

🗓️ 28 Sep 2020 00:00:00Reported by TenableType

EulerOS 2.0 SP3 qt package buffer over-read vulnerabilit

Reporter	Title	Published	Views	Family All 137
Tenable Nessus	Amazon Linux 2 : qt, qt5-qtbase (ALAS-2020-1574)	9 Dec 202000:00	–	nessus
Tenable Nessus	AlmaLinux 8 : qt5-qtbase (ALSA-2021:1756)	9 Feb 202200:00	–	nessus
Tenable Nessus	CentOS 8 : qt5-qtbase (CESA-2021:1756)	19 May 202100:00	–	nessus
Tenable Nessus	CentOS 7 : qt and qt5-qtbase (RHSA-2020:5021)	18 Nov 202000:00	–	nessus
Tenable Nessus	Debian DLA-2376-1 : qtbase-opensource-src security update	29 Sep 202000:00	–	nessus
Tenable Nessus	Debian DLA-2377-1 : qt4-x11 security update	29 Sep 202000:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP8 : qt (EulerOS-SA-2020-2158)	29 Sep 202000:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP5 : qt (EulerOS-SA-2020-2298)	30 Oct 202000:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP2 : qt (EulerOS-SA-2020-2393)	3 Nov 202000:00	–	nessus
Tenable Nessus	F5 Networks BIG-IP : iApps vulnerability (K11542555)	28 Oct 202100:00	–	nessus

Source	Link
nessus	www.nessus.org/u
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(140903);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/02/19");

  script_cve_id("CVE-2020-17507");

  script_name(english:"EulerOS 2.0 SP3 : qt (EulerOS-SA-2020-2136)");

  script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"According to the version of the qt packages installed, the EulerOS
installation on the remote host is affected by the following
vulnerability :

  - An issue was discovered in Qt through 5.12.9, and
    5.13.x through 5.15.x before 5.15.1. read_xbm_body in
    gui/image/qxbmhandler.cpp has a buffer
    over-read.(CVE-2020-17507)

Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
  # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-2136
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?a03545a5");
  script_set_attribute(attribute:"solution", value:
"Update the affected qt package.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-17507");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"patch_publication_date", value:"2020/09/28");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/09/28");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:qt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:qt-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:qt-mysql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:qt-odbc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:qt-postgresql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:qt-x11");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Huawei Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
  script_exclude_keys("Host/EulerOS/uvp_version");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");

sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(3)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP3");

uvp = get_kb_item("Host/EulerOS/uvp_version");
if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP3", "EulerOS UVP " + uvp);

if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);

flag = 0;

pkgs = ["qt-4.8.5-13.h8",
        "qt-devel-4.8.5-13.h8",
        "qt-mysql-4.8.5-13.h8",
        "qt-odbc-4.8.5-13.h8",
        "qt-postgresql-4.8.5-13.h8",
        "qt-x11-4.8.5-13.h8"];

foreach (pkg in pkgs)
  if (rpm_check(release:"EulerOS-2.0", sp:"3", reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "qt");
}

19 Feb 2024 00:00Current

6.9Medium risk

Vulners AI Score6.9

CVSS 25

CVSS 3.15.3

EPSS0.03915